module.exports = (option, app) => {
    return async (ctx, next) => {
        if (option.find(item => item == ctx.url)) {
            await next()
        } else {
            const { authorization = '' } = ctx.header;
            let token = authorization.replace('Bearer ', '')
            if (!authorization) {
                ctx.body = await app.response.errorHandling(401, '您没有权限访问该接口!')
                return
            }
            let user = {};
            try {
                user = app.jwt.verify(token, app.config.jwt.secret)
            } catch (err) {
                ctx.body = await app.response.errorHandling(401, err.name === 'TokenExpiredError' ? 'token 已过期! 请重新获取令牌' : 'Token 令牌不合法!')
                return
            }
            app.config.user = user
            await next()
        }
    }
}